Use ROS to create a backup vault for Cloud Backup - Cloud Backup

You can use Resource Orchestration Service (ROS) to call Cloud Backup resources. This topic describes how to create an Resource Orchestration Service template and use the template to automatically create a backup vault for Cloud Backup.

Supported resources

ROS is an Alibaba Cloud service that simplifies the management of cloud computing resources. You can create a template to describe the required cloud computing resources such as Elastic Compute Service (ECS) and ApsaraDB RDS instances, as well as the dependencies between the resources. ROS automatically creates and configures all resources based on the template to implement automated deployment and O&M. For more information, see What is ROS?

You can use ROS to call the API operations of Cloud Backup. Resources that can be orchestrated by using ROS include regular resources and data resources.

Regular resources:
- ALIYUN::HBR::BackupClients: installs backup clients on ECS instances.
- ALIYUN::HBR::RestoreJob: creates a restore job.
- ALIYUN::HBR::DbAgent: installs a backup client for a database.
- ALIYUN::HBR::DbPlan: creates a backup plan.
- ALIYUN::HBR::DbVault: creates a mirror vault.
- ALIYUN::HBR::Vault: creates a backup vault.
Data resources:
- DATASOURCE::HBR::Vaults: queries the information about backup vaults.

Permissions

In this example, you must create a backup vault. By default, Resource Orchestration Service uses the credentials of the user who logs on to the ROS console. The user must be granted the following permission:

AliyunHBRFullAccess: grants full permissions on Cloud Backup.

An Alibaba Cloud account has permissions on all API operations. Security risks may arise if you use an Alibaba Cloud account to call API operations. We recommend that you call API operations or perform routine O&M as a Resource Access Management (RAM) user. Before you call API operations as a RAM user, grant the required permissions to the RAM user based on your business requirements. The RAM user must have the permissions to manage Cloud Backup resources. For more information, see Create a RAM user and authorize the RAM user to access Cloud Backup.

Procedure

Log on to the ROS console. In the top navigation bar, select a region from the Region drop-down list.
In the left-side navigation pane, click Stacks. On the Stacks page, choose Create Stack > Use ROS.
- Specify Template: Select Select an Existing Template.
- Template Import Method: Select Enter Template Content.

Template Content: Select ROS and then enter code.

For more information about the syntax, description, and examples of how to create a backup vault, see ALIYUN::HBR::Vault. In this example, create a backup vault named test-vault.

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  VaultName:
    Description: The name of the backup vault. The name must be 1 to 64 characters
      in length.
    MaxLength: 64
    MinLength: 1
    Type: String
    Default: test-valut
Resources:
  ExtensionResource:
    Properties:
      VaultName:
        Ref: VaultName
      VaultType: STANDARD
    Type: ALIYUN::HBR::Vault
Outputs:
  BackupPlanStatistics:
    Description: The statistics of backup plans that use the backup vault.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - BackupPlanStatistics
  BytesDone:
    Description: 'The amount of data that is backed up. Unit: bytes.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - BytesDone
  CreateTime:
    Description: 'The time when the backup vault was created. This value is a UNIX
      timestamp. Unit: seconds.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - CreateTime
  Dedup:
    Description: Indicates whether the deduplication feature is enabled.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - Dedup
  Description:
    Description: The description of the backup vault.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - Description
  IndexAvailable:
    Description: Indicates whether indexes are available. Indexes are available when
      they are not being updated.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - IndexAvailable
  IndexLevel:
    Description: 'The index level.

      - **OFF**: No indexes are created.

      - **META**: Metadata indexes are created.

      - **ALL**: Full-text indexes are created.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - IndexLevel
  IndexUpdateTime:
    Description: The time when the index was updated.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - IndexUpdateTime
  LatestReplicationTime:
    Description: 'The time when the last remote backup was synchronized. This value
      is a UNIX timestamp. Unit: seconds.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - LatestReplicationTime
  PaymentType:
    Description: PaymentType.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - PaymentType
  RedundancyType:
    Description: 'The data redundancy type of the backup vault. Valid values:

      - **LRS**: Locally redundant storage (LRS) is enabled for the backup vault.
      HBR stores the copies of each object on multiple devices of different facilities
      in the same zone. This way, HBR ensures data durability and availability even
      if hardware failures occur.

      - **ZRS**: Zone-redundant storage (ZRS) is enabled for the backup vault. HBR
      uses the multi-zone mechanism to distribute data across three zones within the
      same region. If a zone fails, the data that is stored in the other two zones
      is still accessible.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - RedundancyType
  Replication:
    Description: 'Indicates whether the backup vault is a remote backup vault. Valid
      values:

      - **true**: The backup vault is a remote backup vault.

      - **false**: The backup vault is an on-premises backup vault.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - Replication
  ReplicationProgress:
    Description: The progress of data synchronization from the backup vault to the
      mirror vault.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - ReplicationProgress
  ReplicationSourceRegionId:
    Description: The ID of the region where the remote backup vault resides.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - ReplicationSourceRegionId
  ReplicationSourceVaultId:
    Description: The ID of the source vault that corresponds to the remote backup
      vault.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - ReplicationSourceVaultId
  ResourceGroupId:
    Description: The ID of the resource group.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - ResourceGroupId
  Retention:
    Description: 'The retention period of the backup vault. Unit: days.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - Retention
  SearchEnabled:
    Description: Indicates whether the backup search feature is enabled.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - SearchEnabled
  SourceTypes:
    Description: The information about the data source.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - SourceTypes
  StorageSize:
    Description: 'The usage of the backup vault. Unit: bytes.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - StorageSize
  Tags:
    Description: The tags of the backup vault.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - Tags
  TrialInfo:
    Description: The free trial information.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - TrialInfo
  UpdatedTime:
    Description: 'The time when the backup vault was updated. This value is a UNIX
      timestamp. Unit: seconds.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - UpdatedTime
  VaultId:
    Description: The ID of the backup vault.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - VaultId
  VaultName:
    Description: The name of the backup vault.
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - VaultName
  VaultStatusMessage:
    Description: 'The status message that is returned when the backup vault is in
      the ERROR state. This parameter is available only for remote backup vaults.
      Valid values:

      - **UNKNOWN_ERROR*: An unknown error occurs.

      - **SOURCE_VAULT_ALREADY_HAS_REPLICATION**: A mirror vault is configured for
      the source vault.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - VaultStatusMessage
  VaultStorageClass:
    Description: 'The storage type of the backup vault. Valid value: **STANDARD**,
      which indicates standard storage.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - VaultStorageClass
  VaultType:
    Description: 'The type of the backup vault. Valid value: **STANDARD**, which indicates
      a standard backup vault.'
    Value:
      Fn::GetAtt:
      - ExtensionResource
      - VaultType

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "VaultName": {
      "Description": "The name of the backup vault. The name must be 1 to 64 characters in length.",
      "MaxLength": 64,
      "MinLength": 1,
      "Type": "String",
      "Default": "test-valut"
    }
  },
  "Resources": {
    "ExtensionResource": {
      "Properties": {
        "VaultName": {
          "Ref": "VaultName"
        },
        "VaultType": "STANDARD"
      },
      "Type": "ALIYUN::HBR::Vault"
    }
  },
  "Outputs": {
    "BackupPlanStatistics": {
      "Description": "The statistics of backup plans that use the backup vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "BackupPlanStatistics"
        ]
      }
    },
    "BytesDone": {
      "Description": "The amount of data that is backed up. Unit: bytes.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "BytesDone"
        ]
      }
    },
    "CreateTime": {
      "Description": "The time when the backup vault was created. This value is a UNIX timestamp. Unit: seconds.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "CreateTime"
        ]
      }
    },
    "Dedup": {
      "Description": "Indicates whether the deduplication feature is enabled.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Dedup"
        ]
      }
    },
    "Description": {
      "Description": "The description of the backup vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Description"
        ]
      }
    },
    "IndexAvailable": {
      "Description": "Indicates whether indexes are available. Indexes are available when they are not being updated.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "IndexAvailable"
        ]
      }
    },
    "IndexLevel": {
      "Description": "The index level.\n- **OFF**: No indexes are created.\n- **META**: Metadata indexes are created.\n- **ALL**: Full-text indexes are created.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "IndexLevel"
        ]
      }
    },
    "IndexUpdateTime": {
      "Description": "The time when the index was updated.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "IndexUpdateTime"
        ]
      }
    },
    "LatestReplicationTime": {
      "Description": "The time when the last remote backup was synchronized. This value is a UNIX timestamp. Unit: seconds.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "LatestReplicationTime"
        ]
      }
    },
    "PaymentType": {
      "Description": "PaymentType.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "PaymentType"
        ]
      }
    },
    "RedundancyType": {
      "Description": "The data redundancy type of the backup vault. Valid values:\n- **LRS**: Locally redundant storage (LRS) is enabled for the backup vault. HBR stores the copies of each object on multiple devices of different facilities in the same zone. This way, HBR ensures data durability and availability even if hardware failures occur.\n- **ZRS**: Zone-redundant storage (ZRS) is enabled for the backup vault. HBR uses the multi-zone mechanism to distribute data across three zones within the same region. If a zone fails, the data that is stored in the other two zones is still accessible.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "RedundancyType"
        ]
      }
    },
    "Replication": {
      "Description": "Indicates whether the backup vault is a remote backup vault. Valid values:\n- **true**: The backup vault is a remote backup vault.\n- **false**: The backup vault is an on-premises backup vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Replication"
        ]
      }
    },
    "ReplicationProgress": {
      "Description": "The progress of data synchronization from the backup vault to the mirror vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ReplicationProgress"
        ]
      }
    },
    "ReplicationSourceRegionId": {
      "Description": "The ID of the region where the remote backup vault resides.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ReplicationSourceRegionId"
        ]
      }
    },
    "ReplicationSourceVaultId": {
      "Description": "The ID of the source vault that corresponds to the remote backup vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ReplicationSourceVaultId"
        ]
      }
    },
    "ResourceGroupId": {
      "Description": "The ID of the resource group.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ResourceGroupId"
        ]
      }
    },
    "Retention": {
      "Description": "The retention period of the backup vault. Unit: days.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Retention"
        ]
      }
    },
    "SearchEnabled": {
      "Description": "Indicates whether the backup search feature is enabled.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "SearchEnabled"
        ]
      }
    },
    "SourceTypes": {
      "Description": "The information about the data source.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "SourceTypes"
        ]
      }
    },
    "StorageSize": {
      "Description": "The usage of the backup vault. Unit: bytes.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "StorageSize"
        ]
      }
    },
    "Tags": {
      "Description": "The tags of the backup vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Tags"
        ]
      }
    },
    "TrialInfo": {
      "Description": "The free trial information.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "TrialInfo"
        ]
      }
    },
    "UpdatedTime": {
      "Description": "The time when the backup vault was updated. This value is a UNIX timestamp. Unit: seconds.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "UpdatedTime"
        ]
      }
    },
    "VaultId": {
      "Description": "The ID of the backup vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "VaultId"
        ]
      }
    },
    "VaultName": {
      "Description": "The name of the backup vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "VaultName"
        ]
      }
    },
    "VaultStatusMessage": {
      "Description": "The status message that is returned when the backup vault is in the ERROR state. This parameter is available only for remote backup vaults. Valid values:\n- **UNKNOWN_ERROR*: An unknown error occurs.\n- **SOURCE_VAULT_ALREADY_HAS_REPLICATION**: A mirror vault is configured for the source vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "VaultStatusMessage"
        ]
      }
    },
    "VaultStorageClass": {
      "Description": "The storage type of the backup vault. Valid value: **STANDARD**, which indicates standard storage.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "VaultStorageClass"
        ]
      }
    },
    "VaultType": {
      "Description": "The type of the backup vault. Valid value: **STANDARD**, which indicates a standard backup vault.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "VaultType"
        ]
      }
    }
  }
}

Click Create and execute the created stack.
View the result.
After the backup vault named test-vault is created, you can view the backup vault by calling API operations, running SDKs, or performing operations in the Cloud Backup console.